// utils/auth.js

/**
 * 权限验证工具
 */

// 权限定义
const PERMISSIONS = {
  // 基础权限
  VIEW_DISHES: 'view_dishes',
  ADD_TO_CART: 'add_to_cart',
  VIEW_ORDERS: 'view_orders',
  VIEW_PROFILE: 'view_profile',
  
  // 厨师权限
  MANAGE_DISHES: 'manage_dishes',
  MANAGE_ORDERS: 'manage_orders',
  MANAGE_MEMBERS: 'manage_members',
  MANAGE_FAMILY: 'manage_family'
}

// 角色权限映射
const ROLE_PERMISSIONS = {
  member: [
    PERMISSIONS.VIEW_DISHES,
    PERMISSIONS.ADD_TO_CART,
    PERMISSIONS.VIEW_ORDERS,
    PERMISSIONS.VIEW_PROFILE
  ],
  chef: [
    PERMISSIONS.VIEW_DISHES,
    PERMISSIONS.ADD_TO_CART,
    PERMISSIONS.VIEW_ORDERS,
    PERMISSIONS.VIEW_PROFILE,
    PERMISSIONS.MANAGE_DISHES,
    PERMISSIONS.MANAGE_ORDERS,
    PERMISSIONS.MANAGE_MEMBERS,
    PERMISSIONS.MANAGE_FAMILY
  ]
}

/**
 * 检查用户是否有指定权限
 * @param {string} permission 权限名称
 * @param {string} userRole 用户角色
 * @returns {boolean} 是否有权限
 */
function hasPermission(permission, userRole) {
  if (!userRole || !ROLE_PERMISSIONS[userRole]) {
    return false
  }
  return ROLE_PERMISSIONS[userRole].includes(permission)
}

/**
 * 检查用户是否已登录
 * @returns {boolean} 是否已登录
 */
function isLoggedIn() {
  const app = getApp()
  return app.globalData.isLoggedIn === true
}

/**
 * 检查用户角色
 * @param {string} role 角色名称
 * @returns {boolean} 是否匹配
 */
function hasRole(role) {
  const app = getApp()
  return app.globalData.userRole === role
}

/**
 * 获取当前用户角色
 * @returns {string|null} 用户角色
 */
function getCurrentRole() {
  const app = getApp()
  return app.globalData.userRole
}

/**
 * 获取当前用户信息
 * @returns {object|null} 用户信息
 */
function getCurrentUser() {
  const app = getApp()
  return app.globalData.userInfo
}

/**
 * 页面权限检查装饰器
 * @param {string} requiredPermission 所需权限
 * @param {string} redirectUrl 无权限时跳转页面
 */
function requirePermission(requiredPermission, redirectUrl = '/pages/auth/login/login') {
  return function(target, name, descriptor) {
    const originalMethod = descriptor.value
    
    descriptor.value = function(...args) {
      if (!isLoggedIn()) {
        wx.redirectTo({ url: redirectUrl })
        return
      }
      
      const userRole = getCurrentRole()
      if (!hasPermission(requiredPermission, userRole)) {
        wx.showToast({
          title: '权限不足',
          icon: 'none'
        })
        return
      }
      
      return originalMethod.apply(this, args)
    }
    
    return descriptor
  }
}

/**
 * 页面角色检查装饰器
 * @param {string} requiredRole 所需角色
 * @param {string} redirectUrl 角色不匹配时跳转页面
 */
function requireRole(requiredRole, redirectUrl = '/pages/index/index') {
  return function(target, name, descriptor) {
    const originalMethod = descriptor.value
    
    descriptor.value = function(...args) {
      if (!isLoggedIn()) {
        wx.redirectTo({ url: '/pages/auth/login/login' })
        return
      }
      
      if (!hasRole(requiredRole)) {
        wx.showToast({
          title: '角色权限不足',
          icon: 'none'
        })
        setTimeout(() => {
          wx.redirectTo({ url: redirectUrl })
        }, 1500)
        return
      }
      
      return originalMethod.apply(this, args)
    }
    
    return descriptor
  }
}

module.exports = {
  PERMISSIONS,
  hasPermission,
  isLoggedIn,
  hasRole,
  getCurrentRole,
  getCurrentUser,
  requirePermission,
  requireRole
} 